Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Policy around IP Phones, Skype, etc.

From: David Gillett <gillettdavid () FHDA EDU>
Date: Wed, 25 Oct 2006 11:36:37 -0700
  We have concerns which currently lead us to block these:

1.  Our backbone doesn't yet do QoS.

2.  Skype can be used as a file delivery mechanism; I believe there have
already been attempts to release Skype-based worms.

3.  Skype clients relay for third parties; we interpret this as a violation
of the ToS from our state-funded ISP.

4.  Firewalls are policy enforcement devices.  When you engineer an
application like Skype to sidestep firewalls, what you are building is a
policy violation device.

5.  We have a perfectly good campus phone system.  If a user has a need it's
not meeting, we'd like them to talk to us and not just try to "fix" it
themselves.

David Gillett



  _____

From: Sadler, Connie [mailto:Connie_Sadler () BROWN EDU]
Sent: Wednesday, October 25, 2006 9:55 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Policy around IP Phones, Skype, etc.




Does anyone have thoughts - or an actual policy - regarding the use of IP
Phones or software such as Skype, etc. that they are willing to share?

Thanks!

Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC
IT Security Officer
Brown University Box 1885, Providence, RI 02912
 <mailto:Connie_Sadler () Brown edu> Connie_Sadler () Brown edu
Office: 401-863-7266
PGP Key:  <http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB>
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB
PGP Fingerprint: DA5F ED84 06D7 1635 4BC7 560D 9A07 80BA 91E3 8EFB
Previous By Date Next
Previous By Thread Next

Current thread: